Security Alert

May 16 – Phishing Attempt

Thursday, May 16, 2019 many UA employees received a spam email from the email address hellenwang201610@yahoo.com. The message featured political content, images and several external links. UAPD has been notified of this email. If you did receive it, please delete it.

May 13 – Phishing Attempt

Monday, May 13, 2019, many UA employees received a phishing email with the subject “Re: Payment Approval – Please Review Asap” This email is an email scam.

Emails like these are phishing attempts designed to steal credentials such as a myBama username or password.  Remember to notice the red flags of phishing emails. Look at the from email address of the email.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Password Change Requests

The OIT security team recently completed an analysis of passwords and other information available online due to the many security breaches that have occurred in the past few years. These breaches include Yahoo, LinkedIn, Tumblr, AntiPublic, and hundreds of others. The analysis indicated that many users’ myBama account password was also used as a password at one of these hundreds of sites and services.

The University of Alabama has not experienced a breach, we have simply noted that many myBama passwords may have been compromised due to use on other websites that have been breached (Yahoo, LinkedIn, etc.). 

If you received an email from OIT, we strongly recommend that you change your myBama password immediately. To change your password, visit mybama.ua.edu and click the change your password link on the right column. We also recommend that you change any other online account that used this password. Remember, you should have a complex and unique password for every online account.

Additionally, if you are not a DUO user, we recommend you activate DUO two-factor authentication to better protect your UA account. DUO provides a second layer of security to your account by requiring two factors to verify identity.

If you have any questions or concerns, please contact the IT Service Desk at itsd@ua.edu.

March 19 – Phishing Alert

Tuesday, March 19, 2019, many UA students received a phishing email with the subject “The University of Alabama:  Immediate Availability Jobs, Employment.” This email did not originate from UA, it is an email scam.

Emails like these are phishing attempts designed to steal credentials such as a myBama username or password.  Remember to notice the red flags of phishing emails. Look at the from email address of the email. Official UA emails will be delivered from a @ua.edu email address.  

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Feb. 24 – Phishing Alert

Sunday, Feb. 24, 2019, many UA faculty and staff members received a phishing email with the subject “FW: 2019 Payroll Adjustment” This email did not originate from UA, it is an email scam.

Emails like these are phishing attempts designed to steal credentials such as a myBama username or password.  Remember to notice the red flags of phishing emails. Look at the from email address of the email. Official UA emails will be delivered from a @ua.edu email address.  

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Student Phishing Alert – Job Scams

Thursday, Jan. 31, 2019, many UA students received phishing emails that pose as job opportunities; however, the emails did not originate from UA nor reputable companies, these emails are scams.  

Emails like these are phishing attempts designed to steal credentials such as a myBama username or password.  Remember to notice the red flags of phishing emails. Look at the from email address of the email. Official UA emails will be delivered from a @ua.edu email address, and reputable companies will send emails from their domain name, not from Gmail or Yahoo email addresses.

If you did receive an email like this, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Jan. 28, 2019 – Phishing Alert

Monday, Jan. 28, 2019, many UA employees received a phishing email from the email jcmezzetti@alaska.edu. The email appeared to be from the IT Help Desk; however, the email did not originate from UA or our office, it is an email scam.  

This email is a phishing attempt designed to steal credentials such as a myBama username or password.  If you haven’t already, please delete the email. Additionally, if you are not a DUO user, please activate your DUO account at duo.ua.edu.

If you did receive this email, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Jan. 23, 2019 – Phishing Alert

Wednesday, Jan. 23, 2019, many UA employees received a phishing email from the email address tls071000@utdallas.edu. The email appeared to be a letter from President Bell; however, the email did not originate from UA, it is an email scam.  

This email is a phishing attempt designed to steal credentials such as a myBama username or password.  If you haven’t already, please delete the email. Additionally, if you are not a DUO user, please activate your DUO account at duo.ua.edu.

If you did receive this email, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Jan. 8, 2019 – Phishing Alert

Tuesday, Jan. 8, 2019, many UA students, faculty and staff received a phishing email from a compromised crimson email account. The email posed as the IT Service Desk; however, the email did not originate from OIT, it is an email scam.  

This email is a phishing attempt designed to steal credentials such as a myBama username or password.  If you haven’t already, please delete the email. Additionally, if you are not a DUO user, please activate your DUO account at duo.ua.edu.

If you did receive this email, and you did provide any sensitive information, please contact the IT Service Desk at 205-348-5555 or itsd@ua.edu.

Gift Card Phishing Scams

Over the past few months, OIT has seen a major rise in phishing attempts where malicious actors attempt to exploit money from UA employees. The emails appear to come from a supervisor or another organization leader, and the emails are directed to an employee in that organization or group. This scam has been occurring at UA for several months, beginning with senior leadership.

The emails begin by the malicious actor engaging employees in an email-only conversation that attempts to convince the employee to purchase gift cards. If you look closely, the “From:” email address is not actually a ua.edu email address, but an alternative email address the actor set up outside of UA.  The email address may appear to come from a UA contact, but it is usually a Gmail, AOL or other external email address that includes the name of the supervisor or leader. Often, the emails have poor spelling and grammar. Additionally, the emails are usually brief and may only be a subject line. Below are a few examples of these emails.


Subject: Hi [NAME OF TARGET]

Good morning,

 Are you in the office? If not please i have an important errand i want you to run for me in the store right now? 

Thanks

Best Regards.

[NAME OF THE SUPERVISOR OR LEADERSHIP]

Executive Director


Subject: Hello Are you in compus


Subject: Hello

Are you available on campus 


Do not be fooled by these phishing emails. Remember to always look at the “From:” address to make sure it is an actual supervisor or leader’s ua.edu email address. If you do receive an email like this, please send a copy to security@ua.edu, and then delete the email.